I just challenged these since I didn't feel like I'd get much out of paying $3500/course for these. You don't get the official resources, but I figure at $900/exam and $150/retake, I'd still come out ahead even if a stumbled once or twice. I'm definitely glad I went this route.

I did the GSEC first. It is 180 questions, and you are given five hours. I got 170 correct and finished in an hour. Then I moved on to the serious one. The GPEN is 150 questions and you're given four hours. I got 136 in that one, and again finished in an hour. I actually only had ten wrong, but the java-based connection to a virtual machine was so slow that I just guessed on those because I had clearly already passed.

I do like that they tell you whether or not you got the previous question right or not, so you always know where you stand. I'd gladly give up the ability to review for that. I do find it humorous that they end the exam immediately if you ever get to the point where it's no longer possible to pass. Plus, I imagine it helps maintain the integrity of exams.

The questions were probably more straight-forward than any other exam I've ever taken. I wouldn't recommend challenging these unless you're well versed with the material. I've already done MCSE:S, Linux+, CCNA, CWNA, CWSP, etc. I've also gone through everything for the OSCP and CISSP, and regularly do pen testing, IT audits, risk assessments, vulnerability assessments, social engineering, etc. Needless to say, this was basically all review.

I might challenge the GWAPT next since I've been dabbling with web development since I was 13 and am familiar with all the common attacks. I might have to get the courses for GCIH and GCIA since those are further outside my realm of expertise. I'll see how I feel after I get through Counterhack Reloaded (supposedly close to the IH material) and the new Wireshark book. A quality Snort resource or two should put me in pretty good shape. I'm hoping to make a GSE attempt in the fall of 2011, and getting all those under my belt will make me eligible.

I'll worry about that later though. I only have a couple weeks to prepare for the CISSP, and I'm not even through the AIO book yet...

I didn't really get to prepare for these since I was so busy with work, so I never got around to taking the practice exams. I've already given one of the GSEC exams away, but I have one more of those and both for GPEN. My expiration for taking the GPEN was April 3th, and I'm not sure if the practice exams expire then or not. You must be an active/contributing member to apply. Sorry, no lurkers

Edit: GPEN practice exams are good until 6/2/2010, and GSEC exams are good until 9/22/2010.

Last edited by dynamik on Fri Apr 02, 2010 2:07 am, edited 1 time in total.

Nice job on passing both. As for the GSEC what made you decide on that and not go for something else a little higher up? What was your take on the GPEN in comparison to the CEH? I am very interested in the GSEC practice exam. Like I said in the other post I made I am willing to trade or get you an o'reily book if interested.

Actually, I had allocated that first GSEC practice exam to you since we discussed it in that other thread, so there's still one more for someone else PM me your email address.

GSEC is a prereq for the GSE, and I had a good feeling I could get through it easily, having already done the other certs I have. You can substitute GCUX and GCWN for the GSEC, but I don't know if I could get through those without the course materials. It was simply the cheapest and easiest way to fulfill that requirement.

Honestly, I thought the GPEN was a lot easier CEH. I hated the wording in the CEH, and it was ridiculously broad (there are no questions about terrorists and GPS on the GPEN). Keep in mind, I also do GPEN-level work every day, so that factors into the equation as well. I wouldn't lump it in with the A+ or anything

If the powers that be can forgive a link to another forum, my CEH experience is here.

As to the 504 I'd imagine you'd do pretty well, as 560 and 504 have significant cross overs on the tools. The mindset and approach to incident response as the key differentiators.

503 is a very different world and a more intense packet beast :-) If you get the chance, or work to pick up the tab, I'd take the SANS class as there's a lot of information and skill sets in the the class and material.

If you are manic enough to challenge the 503 exam, the wireshark book would be a great starting point (waiting for mine to turn up) and get yourself up to speed on packets on the wire.Then I'd head over to honeynet challenges http://www.honeynet.org/ and work your way through them.

Good luck with your progress to attempt on the GSE in 2011. Perhaps you should see if you can get some fellow EthicalHackers on this board to sign up with you and take the exam :-)

As to the 504 I'd imagine you'd do pretty well, as 560 and 504 have significant cross overs on the tools. The mindset and approach to incident response as the key differentiators.

503 is a very different world and a more intense packet beast :-) If you get the chance, or work to pick up the tab, I'd take the SANS class as there's a lot of information and skill sets in the the class and material.

If you are manic enough to challenge the 503 exam, the wireshark book would be a great starting point (waiting for mine to turn up) and get yourself up to speed on packets on the wire.Then I'd head over to honeynet challenges http://www.honeynet.org/ and work your way through them.

Thanks! I appreciate the advice.

Some of us at the office made the "mistake" of getting it signed. The non-signed copies showed up awhile ago while we're still waiting

What90 wrote:Good luck with your progress to attempt on the GSE in 2011. Perhaps you should see if you can get some fellow EthicalHackers on this board to sign up with you and take the exam :-)

So, are you volunteering?

A coworker of mine is also going to give it a shot. We're probably going to do terribly since it's not what we do day-to-day. I think we're each just going to setup a lab and take turns attacking each other's stuff and see what we come up with. Oh well, it's a challenge and something to work towards. I'd definitely like to move more into the IA/IH/forensics side of things sooner or later.

veritas_libertas wrote:Congratz man! So do you think GSEC can comfortably be challenged without taking a class?

That totally depends on your experience. I know someone that actually took the course, and the way the course goes is that they dedicate one day to Windows, one to Linux, one to Networking, and so on (I don't remember the designations for the others).

I've already done MCSE:S, CCNA, CEH, CWSP, Linux+, etc., so hardly any of that was new to me. I think the majority of the ones I got wrong were related to VOIP since I have no experience with that.

I wouldn't say the exam is significantly harder than the Security+. It just covers a lot more material, and making sure you have all your bases covered is going to be the most problematic aspect of going the self-study route. The Network Security Bible (2nd) will be a great resource to get you started. It was actually written by one of the GSEC authors. After that, I suppose you could just see how you do on the practice test questions, take notes about what you need to research further, and repeat.

veritas_libertas wrote:Also, do you get study material when you sign up to challenge a GIAC certification?

Nope, that's what I meant when I said you don't get the official resources. I'd challenge every one if they provided those to you. I'm not ragging on the courses; they sound awesome. I'm just having to pay for these out-of-pocket, and I have a difficult enough time coming up with $900 for an exam, let alone $3500 for a course.

Also, see if you can get in their work-study programs. You essentially help out during one of the courses and get to tag along. It's still $800 or $900, but that's a steal for training. I actually got accepted to do the GCIH in New Orleans last January, but my work schedule conflicted with it.

I've also heard you can sometimes pick up extra copies of the course material if you go to the conference and see if they have any they can spare. I remember the cost being something like $400. It's not cheap, but might be a viable option if you're on a budget.

Part of my main reason for wanting to pursue the GSEC in the future is a search on Monster.com for security jobs. Really the only GIAC certification that you get when you search for GIAC is the GSEC. I figure for me, since I am not currently in a security role it would be best to hit the most commonly looked for security certifications, and then move into the more advanced ones when I have a job coincides with them.

Part of my main reason for wanting to pursue the GSEC in the future is a search on Monster.com for security jobs. Really the only GIAC certification that you get when you search for GIAC is the GSEC.

No problem. No mention of the GCIH though? That's supposed to be extremely hot right now. I wouldn't expect to see a lot for the certs in more niche areas, like the GPEN, GWAPT, etc.

veritas_libertas wrote:I figure for me, since I am not currently in a security role it would be best to hit the most commonly looked for security certifications, and then move into the more advanced ones when I have a job coincides with them.

That's an excellent plan. You don't want your certs to vastly outpace your experience. You can always learn a programming language or something if you need to fill your free time

Ah yes, dreaded programming :P I actually took a basic C programming course during my Associate degree studies. I could pickup where I finished off at. Would a web language be better to study, or software programming?

Last edited by veritas_libertas on Sat Apr 03, 2010 4:04 pm, edited 1 time in total.

You really can't go wrong with starting out with C or Python. It totally depends on what you want to do though. If you're just going to do web app work, maybe PHP and Java would be better. However, once you get a good handle on one, others (save for something like assembly) aren't too bad to transition over into. I'd encourage you to work on something. It'll come in handy even if you just use it to parse log files or automate some other menial tasks. I haven't done any serious programming for awhile, but all the reverse engineering talk I've seen going on here has piqued my interests again.